Important Magento 1.x and 2.x Security Updates

Magento has released new updates to increase product security and functionality. The releases contain over 15 security enhancements and Magento 2.x updates that also address image resizing and MasterCard BIN number expansion.

Support for MasterCard BIN number expansion

In our last newsletter, we have updated you regarding Magento Patch SUPEE-8967 for MasterCard BIN expansion. MasterCard recently added a new series of Bank Identification Numbers (BIN). If you are running Magento 2.1.3 or later, your Magento software already provides support for these new BINs. Merchants using the following versions must upgrade or apply a patch by June 30, 2017 or face potential fines from MasterCard and lost sales.

Enterprise Edition 2.1.2 or earlier

All Enterprise Edition 2.0.x releases

All Enterprise Edition 1.14.2.x releases or earlier

All Community Edition 1.9.2.x releases or earlier

Reversion of the changes to image resizing that was introduced in Magento 2.1.6.

Certain image resizing changes introduced unanticipated problems. Magento has reverted these changes in this release and will provide improvements to image resizing in a future product update.

It is highly recommended by Magento to deploy these new releases right away, to ensure optimal security and performance. As a best practice, install and test these releases in a development environment before releasing into production to avoid any disruption to your store.